When one thinks of physical threats and event security they may not initially think about the importance of social media monitoring. For hundreds of years, security teams have been set up to protect physical assets, such as VIP’s, dignitaries, executives and the like. Even now in the twenty-first century this has not changed. A good security team provides skilled and alert professionals on the ground and a supervisory team to coordinate with them based on a pre-planned strategy and a response plan for threats that arise in real time. A major part of any strategy is the reliance of eyes on the ground. A skilled agent can spot individuals who look out of place and close in on threats observed on the ground level. Another skill in the ground agent’s tool belt is the ability to analyze data received from a central hub, or dispatch. Sometimes this comes as a simple BOLO (be on the look out) alert. When a BOLO is issued, the ground team can be on alert for specific individuals who pose high risk of threat and may be on premises.

A good event security plan should entail a team conducting surveillance of online chatter. This includes social media, online forums and chat groups. What is spotted online can severely affect the direction of the ground efforts. This surveillance should include keyword study based on the client/asset’s name as well as trigger words such as “kill”, “hate”, “shoot” and many, many others. In addition to keyword monitoring, it is important to geofence all social media posts as well. Geofencing is the creation of a virtual perimeter using the GPS (global positioning system) information provided in users’ mobile phones. Although general threat monitoring across all the Web is important, it is paramount that the team knows exactly what threats are coming from the venue itself. Not only what threats, but who is making them.

Positive identification of each potential threat is a necessary component of any effective event security strategy. If someone tweets that they want to stab your VIP, members of your team should immediately identify and profile them to determine how to handle said threat. If the subject has a violent history, or photos of weapons or hate insignia on their social media, things might need to be escalated. If the subject is a thousand miles away from your client at the time of the threat, perhaps it can be shelved for the morning. If the subject is at the event at which the VIP is presenting/attending, the entire on-site security team needs to be put on high alert and the detail needs to be structured accordingly.

In addition to the physical security aspect, data leaks often happen at major events. A client’s marketing team may be working for months to build fan anticipation for an announcement, a trailer, or something else at a major entertainment convention. Did you know that hundreds of leaks come from these events? An onlooker could spoil everything with an Instagram pic or a YouTube upload. Those folks need to be notified and scolded. The same team that is monitoring the physical security threats should also be skilled in spotting leaks with the same zeal and expertise.

For the last decade, IPCybercrime has led the charge in this arena. No matter the location of the event, the subject matter, or even size, we have been assisting our clients’ security teams in doing all of the above. Our Threat Management and Data Leak services cover all of the above, as well as the ability to get field agents on the ground anywhere in the world to assist in any situation that arises. Oh, and IPCybercrime does this ethically and legally without creating unwanted tabloid issues for the client. Filing a police report is the equivalent of sending a press release directly to TMZ. Stay alert, be safe and discreet. Most importantly, don’t be blindsided.

In business, there is nothing more important than winning. With every product–no matter if it is a movie, a dog biscuit, a toothbrush, or a toy–the project needs the same careful strategy put into place to assure your stakeholders that the outcome will be its most optimal. There are a number of areas that need to be taken into consideration before embarking on the project. Being an experienced firm that handles these things, we don’t treat product development much differently than the government treats their covert operations. Here are a few areas of focus:

Naming: Begin with a code name that will stick with the project until the reveal. Then have your creative team come up with their wish list of possible names. Before the legal clearance process, you must have an experienced investigative team to determine feasibility of each. This will provide a solid foundation for your attorneys and save a lot of time, money and disappointment.

Leaks: Develop a protocol and a deliberate chain of communication. The more transparent the chain is the easier it will be to trace and identify leaks. Once data is flowing, there needs to be a monitoring system in place. Leaks sometimes come from in-house but that they can also come from trade shows, market research, vendors and the like. These leaks need to be identified and dealt with in an effective way. Did you know that sending a cease and desist letter confirms the leak? Bad move. ID them and deal with it behind the scenes.

Post-Launch: After launch, you will be bombarded by a number of issues including negative reviews, bad publicity, stalkers, threats, and, most inevitably, counterfeit and pirated versions of your product. This phase requires a multi-pronged approach that can work seamlessly with your security, legal and marketing departments.
Of course, since I’m sending this email to you, I believe that IPCybercrime is the company that can do it best. Since the mid-90s we have been assisting major corporations with all of the above. No matter the industry or product type, in our more than twenty years, we’ve been on the forefront.

We want to be your first call. If you’re mid-project… it’s still not too late. We want to be a part of your team.

What is Doxing? Doxing (or doxxing) is a verb derived from the word ‘documents’. It is the Internet-based practice of researching and broadcasting private or personally identifiable information about an individual or organization. The methods employed to acquire this information include searching publicly available databases. social media websites, hacking, and social engineering. It is closely related to internet vigilantism and hacktivism. Doxing may be carried out for various reasons, including to aid law enforcement, business analysis, extortion, coercion, harassment, online shaming, and vigilante justice. Doxing began in the 1990s as a common online revenge tactic. Now, doxing is used in so many ways it is hard to predict how information will be uncovered and used against you or your organization. This is why you should understand the tactic and have a plan in place to mitigate its effects.

Why Do People Dox Others? Over our fifteen years in business, we have seen a large number of our clients doxed for the purpose of revenge, public shaming and, even worse, to promote personal threats. Examples are varied depending on the person or organization. Here are three examples that we see most often:

Competitive Advantage: Although unethical, there have been cases where competitors employ hackers to broadcast derogatory information about a business foe in order to develop negative sentiment among consumers. In political circles this is known as opposition research. As you would expect, the motivation here is most often financial or political.

Vigilante Justice: Believe it or not, whether or not you believe you are working for the forces of good, there is likely a contingent of the population that believes otherwise. Examples can be enforcement of Intellectual Property Rights, reputation management and many others. There is a massive sect of the online population that believes these actions are a violation of their rights. This is typically motivated by individuals who believe they are working to improve the greater good of society.

Harassment/Online Shaming: This is currently the most prevalent purpose for doxing. Unlike the two above, this is much more personal. Someone who doxes for these prescribed results usually believes they have been ‘wronged’ in some way by their target. Believe it or not, these individuals are the hardest to stop because they normally have very little to lose and believe they are fighting for their dignity and/or life.

Who is Targeted? I’ve been targeted. Many attorneys are targeted. Police officers, judges, jurors. Anyone who runs for office is targeted. Most corporate officers of Fortune 500 companies are targeted. Powerful Hollywood figures are targeted. Today, it was announced that members of the Electoral College are now being targeted. Most folks that fit the categories I mentioned are good people, but work in a position that cause stress or opposition to a small group of deviants.

What Do They Publish? Everything is fair game. Of course, you first think of basic Personally Identifiable Information (PII) such as full name, private phone numbers, Social Security Number, date of birth, and home address. In some circumstances, we have seen these deviants publish the childrens’ names and schools of their targets. It is most common for the actual doxer’s intent not to take action themselves, but to encourage or inspire others to use the information to harass, shame or threaten the target. Please understand the purpose of this message is not to cause you to fear having information published about yourself or your family. As an example, I pride myself in being an expert in counter-intelligence and I post on social media almost daily. The only effective strategy is to control the narrative before someone else does that for you.

What Can Be Done? When Personally Identifiable Information (PII) is posted to a legitimate public forum such as Reddit, Tumblr and the like, there are protocols in place to have the data removed with little hassle. However, the most motivated individuals use private blogs to post their information. This is more difficult to get rid of. This is where profiling the individual and appealing to their common sense can work wonders. Never, ever, ever, threaten the deviant with lawsuit or arrest. This is interpreted as a challenge and often empowers them to turn up the heat. Once this happens, the likelihood of mitigation has decreased. Our best advice is to first find out what is out there to be found. Hire a private investigator schooled in this tactic to dox you or your client so that you can have a battle plan. Sometimes information can be removed. In situations where it can’t, you can develop a plan of defense if ever doxed. This is where prevention by self-doxing comes in.

What Next? Call us at (833) IPCYBER or email us at info@ipcybercrime.com. Our two principals, Rob Holmes and Jason Holmes, have a combined 48 years experience and over 20,000 cases under their belts. Many dozens of our cases have involved doxing. The sooner we are contacted, the more likely the positive outcome. Hit us up. Even if it is just to clarify points in this message.

Cyber Criminals, more often than not, use tried and true online marketing techniques to reach their customers.

Did you know that scammers create attractive websites just to add suckers to their mailing lists?

Have you thought of the fact that pirates use malicious software ware to make money off of viewers?

What about the fact that, no matter how Google enforces, black hat marketers will find their way around the rules?

These are the same techniques that legitimate marketers use to reach you. Sometimes they sell you a pack of gum, sun tan lotion or the latest Hollywood blockbuster movie. IPCybercrime’s investigators are experts in online marketing. We have also been involved in some of the first and most important landmark cases involving the reverse engineering of the marketing techniques of cyber criminals. Back before online marketing was a profession, IPCybercrime has been keeping tabs on the web development community and how they reach out to their customers, whether black hat white hat, or grey. Many of those marketing techniques have evolved into what we now know as Search Engine Optimization (SEO), Affiliate networks, Sleeper Sites, Ad networks, Javascript injections, hacking, iFrame Cloaking, Malware and other Shenanigans.

The first-ever case to use covert online marketing techniques to win a federal case was Chanel v. Krispin (SDFL 2008). In this particular case, investigators at IPCybercrime logged and analyzed the source code of thousands of websites, while linking and grouping many offenders based on specific java script code inserted into subject websites. As a result, more often than not, we have been able to footprint the entire operation and bring the case to a successful outcome.

How We Can Help You

I can bet you that a major part of your casework now is based on offenders selling something online that is infringing on your rights or client’s rights. What IPCybercrime offers is a 20/20 view of the universe that encapsulates the online fraud world. We know everyone has their favorite investigator for particular projects. IPCybercrime does not want to interfere with that relationship. In fact, we work with those teams on many of our case and already have a great one-two-punch style relationship. What we want is to be a part of the team that helps you and your other team members get from A to Z successfully.

Drop us a line. You’ll be happy you did. No hard sell. No bullshit. Just answers.

Ten years ago I asked Jason Holmes, my younger brother, to leave the US Navy to work with me. He had already served his four years in the 1990s and contributed a lot to our father’s investigative firm doing much of the same work. A natural-born private investigator and heir-apparent to the family business, Jason re-enlisted after 9/11. By 2006, I had things moving and business was where we wanted things to be. At this time, I needed to meet the clients’ growing demands by multiplying myself. How do I do that? You’re guessing correct. I needed to add my brother Jason to the mix. In 2006, Jason Michael Holmes became the Chief Operations Officer (COO) of our company and none of us have looked back. Since then, IPCybercrime has conducted more than ten thousand cases, protected billions of dollars’ worth of corporate assets and still kept things at a very human level for our clients.

Background

As Founder and CEO of this company, it brings me to the most sentimental place to suggest that my brother, who worked cases since he was a pre-teen, has succeeded not only me, but our father before us, as the greatest detective of our time. Jason Holmes, in fact, is that person. To give you a brief history, I started this company in 2001 after working for another firm. Jason worked for our father in NYC during his teens and also between his Mediterranean tours commissioned on the USS WASP which was docked in Virginia Beach. After his first stint, Jason worked with the old man to develop some of the world’s first Internet-related enforcement programs. After 9/11 happened, he reenlisted and headed out to the West Coast for his next adventure. While there, we worked together and also grew closer due to my proximity in Southern California. Business demands were growing and, naturally, I called upon Jason to run Operations. Here we are, ten years later and IPCybercrime has grown to be the most renowned of its kind. This is of many thanks to Jason.

In the last year or so, with the ever-increasing interest in investigating subjects on the Dark Web, our clients have been asking us more and more about bitcoin. Bitcoin is an open source digital asset which utilizes a peer-to-peer system with which users can interact directly without an intermediary. Bitcoin is not the first cryptocurrency, but it is the first decentralized digital currency acknowledged by United States Treasury. It is the largest of its kind in terms of total market value. Although your local department store may not yet have adopted bitcoin as payment, major companies such as Dell, Overstock, and Expedia have. In fact, IPCybercrime now accepts bitcoin as well. Even more importantly from and investigation standpoint, it is the sole payment method on the Dark Web. Here are a few bitcoin basics that we think you should know:

Market

The Bitcoin market is a very volatile market. According to a study by Boston University, bitcoin has volatility seven times greater than gold, eight times greater than the S&P 500 and eighteen times greater than the U.S. Dollar. Here at IPCybercrime, we deal in bitcoin on a daily basis. During trades and purchases, it is not uncommon to see the price change $50 either way within minutes. While conducting our investigations, it does make bookkeeping somewhat difficult. In regard to our clients, we bill them at the price bitcoin was at the time we converted their currency to bitcoin. This is different each time but easily referenced.

Block Chain

The block chain is a public ledger maintained by a public network that records bitcoin transactions. All transactions are broadcast to this network using common software utilized by its users. The important thing to understand about the block chain is that all transactions are independently verified by a distributed database. Because the block chain is public, all transaction are public. This means anyone can research a bitcoin wallet ID to track their transactions, including whom they transact with.

Wallet

It is necessary for a person to first have a bitcoin wallet before trading in bitcoin. There are a number of software wallets that are readily available online. There are also hardware wallets that enable an extra layer of security by requiring the equipment to be present during a transaction. It is most common to use a software wallet. All software wallets that are created to be compliant to transfer in US currency by way of bank wire or credit card are regulated using US rules. This means they require ID verification. That’s not always good for undercover investigations. IPCybercrime has vast experience working with legal sources to maintain legitimate bitcoin wallets without giving away our identity to the general public, or worse, the bad guys.

IPCybercrime regularly conducts purchases and investigates perpetrators using bitcoin, the Dark Web, and the block chain and consider ourselves experts among our peers. Contact us if you would like to know more how IPCybercrime can assist your company in legal or investigative matters that involve bitcoin.